Hello all,
i am using vb.net to enter some information in sql server databse. using below code everthig works fine. but if we enter single inverted coma (') in the tex box or in rich text box then it is giving me sql error "SQL error Unclosed quotation mark before the character string" Please help me out to find solution for this one.
Dim cnSQL = New SqlClient.SqlConnection
cnSQL.ConnectionString = "workstation id=STATH26;packet size=4096;user id=sysop;data source=ACAD-IMAGE; persist security info=True; initial catalog=AcadAdmin;password=otg"
Dim cmSQL As SqlClient.SqlCommand
Dim strSQL As String
cnSQL.Open()
Try
strSQL = "INSERT INTO dbo.TechProject(Name, [Project Name], Priority, Description, [Start Date], [Est End Date], [Date Completed], Completed)VALUES('" & TName.Text & "', '" & TProjectName.Text & "' , '" & CBPriority.SelectedItem & " ','" & RTDescription.Text & "', '" & DTStartDate.Value & "','" & DTEstEndDate.Value & "','" & DTDateCompleted.Value & "','" & CBCompleted.SelectedItem & "')"
cmSQL = New SqlClient.SqlCommand(strSQL, cnSQL)
cmSQL.ExecuteNonQuery()
' Close and Clean up objects
MsgBox("Data Saved Successfully")
cnSQL.Close()
cmSQL.Dispose()
cnSQL.Dispose()
Me.Close()
Catch Exp As SqlClient.SqlException
MsgBox(Exp.Message, MsgBoxStyle.Critical, "SQL Error")
Catch Exp As Exception
MsgBox(Exp.Message, MsgBoxStyle.Critical, "General Error")
End Try